at Stericycle, Inc. in ChicagoChicago, Illinois, United States
Job Description
Job Title: Risk & Compliance Analyst Sr IT
About Us:
At Stericycle, we deliver solutions and drive innovations that protect the environment, people, and public health. This includes working to create a more sustainable, shared future. Our innovative solutions make a difference in people's lives, communities, and our planet by protecting their health and well-being. Change your career. Change your world. Join Stericycle and help protect health and well-being in a safe, responsible, and sustainable way.
Position Purpose:
The Risk & Compliance Analyst Sr IT will be responsible for defining and implementing a leading practice IT internal controls within Stericycle's IT environment and driving a control conscious and compliant organization.
This role is hybrid - Required three days per week in our Bannockburn, Illinois office.
Key Job Activities:
Support control owners through the full management of IT SOX audit cycle, including assisting control owners through continuous improvement of controls, maintaining the IT SOX control framework, facilitating management prep sessions, and helping to validate that audit evidence is complete and accurate prior to providing to the auditors.
Builds and maintains positive working relationships with stakeholders, including application, process, and control owners along with management in support of IT Risk and Compliance processes and practices
Gains knowledge and understanding of SAP S/4, SuccessFactors, Salesforce, Descartes, Coupa, Concur and other legacy systems for IT SOX controls.
Performs targeted risk assessments and provide recommendations to Control Owners.
Participates in scoping activities for IT SOX applications, systems changes and business transformation projects.
Contributor to the design and implementation of enhancements for internal controls such as segregation of duties, change management, access management, IT operations, workflow, and application configuration, etc.
Assists IT SOX process by validating that audit evidence is complete and accurate prior to providing to the auditors.
Identifies, communicates and coordinates efforts to resolve control exceptions.
Drive continual improvement of the IT SOX governance program through the development of training, facilitation of SOX auditors and creation of support materials and processes for Control Owners.
Reviews deficiencies identified during audit or internal assessments and collaborates with the IT Risk & Compliance team to develop and execute remediation plans
Supports IT policy steering committee with senior level management to develop IT policies, provide guidance, ensure consistency, and facilitate roll out and maintenance of corporate IT policies.
Supports IT GRC steering committee intend to continuously improve controls with senior level management
Supports user entitlement reviews using homegrown tools built on Alteryx and Outsystems.
Acts as a liaison to internal/external auditors, fulfilling audit requests and coordinating audit activities with IT stakeholders including the integrated audit and facilitation of SOC-1 reviews of Stericycle.
Assist management with remediation plan development, execution and support for control owners
Participate in IT SOX walkthroughs, to act as รข knowledge resource and to gain an understanding of the current processes and controls
Maintain status reports and key metrics to support the IT Risk and Compliance function.
Perform other duties and responsibilities, as assigned.
Education:
Preferred Education: in Bachelors or Equivalent
Experience (North America):
Bachelor's degree in Information Systems, Computer Science, Accounting, Business or related technical discipline (or equivalent)
5+ years of relevant work experience
Familiar with leading practice IT controls frameworks and audit methodologies and IT industry standards (e.g., COSO 2013, COBIT, ISO, CMM, ITIL, PCI, NIST, SSAE 18 SOC, etc.)
Strong understanding of regulatory concerns especially IT Sarbanes Oxley (IT SOX)
Intermediate knowledge of evaluating internal controls, developing recommendations, designing and implementing solutions
Previous internal or external audit experience a plus
SAP functional knowledge a plus
CISA, CISM, CIA, CPA certifications a plus
Intermediate to advanced skills and hands-on experience in building tools and presentations with Microsoft Word, Excel, PowerPoint, Project, Access
Basic knowledge of project management principles (planning, organizing, and managing assessment process)
Strong interpersonal skills with the ability to work effectively in a... For full info follow application link.
It is the policy of Stericycle, as an equal opportunity/affirmative action employer, to hire the best qualified people available without regard to race, creed, color, sex, sexual orientation, marital status, age, national origin or ancestry, religion, status with regard to public assistance, order of protection status, disability, or veteran status.
To view full details and how to apply, please login or create a Job Seeker account